PF_RING API
API documentation for PF_RING: high-speed packet capture, filtering and analysis framework.
Loading...
Searching...
No Matches
pfring_ft.h
Go to the documentation of this file.
1/*
2 *
3 * (C) 2018-2023 - ntop
4 *
5 * http://www.ntop.org/
6 *
7 * This code is proprietary code subject to the terms and conditions
8 * defined in LICENSE file which is part of this source code package.
9 *
10 */
11
12#ifndef _PFRING_FT_H_
13#define _PFRING_FT_H_
14
21#include <sys/types.h>
22
23#ifdef __cplusplus
24extern "C" {
25#endif
26
27#define FT_API_VERSION 95
28
29typedef void pfring_ft_table;
30typedef void pfring_ft_list;
31typedef void pfring_ft_flow;
32
33struct ndpi_detection_module_struct;
34struct ndpi_flow_struct;
35
36/*** enums ***/
37
38#define PFRING_FT_ACTION_DEFAULT 0
39#define PFRING_FT_ACTION_FORWARD 1
40#define PFRING_FT_ACTION_DISCARD 2
41#define PFRING_FT_ACTION_USER_1 3
42#define PFRING_FT_ACTION_USER_2 4
43#define PFRING_FT_ACTION_SLICE 5
45typedef u_int8_t pfring_ft_action;
46
47typedef enum {
48 s2d_direction = 0,
49 d2s_direction,
50 PF_RING_FT_FLOW_NUM_DIRECTIONS
51} pfring_ft_direction;
52
53typedef enum {
54 PFRING_FT_FLOW_STATUS_ACTIVE = 0,
55 PFRING_FT_FLOW_STATUS_IDLE_TIMEOUT,
56 PFRING_FT_FLOW_STATUS_ACTIVE_TIMEOUT,
57 PFRING_FT_FLOW_STATUS_END_DETECTED,
58 PFRING_FT_FLOW_STATUS_FORCED_END,
59 PFRING_FT_FLOW_STATUS_SLICE_TIMEOUT,
60 PFRING_FT_FLOW_STATUS_OVERFLOW
61} pfring_ft_flow_status;
62
63#define PF_RING_FT_FLOW_FLAGS_L7_GUESS (1 << 0)
65typedef struct {
66 u_int32_t num_protocols;
68 /* Filtering */
69 struct {
70 pfring_ft_action *protocol_to_action;
71 } match;
72
73 /* Shunting */
74 struct {
75 u_int8_t default_npkts;
76 u_int8_t tcp_npkts;
77 u_int8_t udp_npkts;
78 u_int8_t *protocol_to_npkts;
79 } shunt;
80} pfring_ft_flow_filter;
81
82/*** packet header structs ***/
83
84typedef u_int32_t pfring_ft_in4_addr;
85
86typedef struct {
87 union {
88 u_int8_t u6_addr8[16];
89 u_int16_t u6_addr16[8];
90 u_int32_t u6_addr32[4];
91 } u6_addr;
92} __attribute__((packed))
93pfring_ft_in6_addr;
94
95typedef struct {
96 u_int8_t ihl:4, version:4;
97 u_int8_t tos;
98 u_int16_t tot_len;
99 u_int16_t id;
100 u_int16_t frag_off;
101 u_int8_t ttl;
102 u_int8_t protocol;
103 u_int16_t check;
104 u_int32_t saddr;
105 u_int32_t daddr;
106} __attribute__((packed))
107pfring_ft_iphdr;
108
109typedef struct {
110 u_int32_t ip6_un1_flow;
111 u_int16_t ip6_un1_plen;
112 u_int8_t ip6_un1_nxt;
113 u_int8_t ip6_un1_hlim;
114 pfring_ft_in6_addr ip6_src;
115 pfring_ft_in6_addr ip6_dst;
116} __attribute__((packed))
117pfring_ft_ipv6hdr;
118
119typedef struct {
120 u_int16_t source;
121 u_int16_t dest;
122 u_int32_t seq;
123 u_int32_t ack_seq;
124 u_int16_t res1:4, doff:4, fin:1, syn:1, rst:1, psh:1, ack:1, urg:1, ece:1, cwr:1;
125 u_int16_t window;
126 u_int16_t check;
127 u_int16_t urg_ptr;
128} __attribute__((packed))
129pfring_ft_tcphdr;
130
131typedef struct {
132 u_int16_t source;
133 u_int16_t dest;
134 u_int16_t len;
135 u_int16_t check;
136} __attribute__((packed))
137pfring_ft_udphdr;
138
139/*** packet metadata structs ***/
140
141typedef struct { /* pfring_pkthdr / pcap_pkthdr common struct */
142 struct timeval ts;
143 u_int32_t caplen;
144 u_int32_t len;
145} pfring_ft_pcap_pkthdr;
146
147typedef struct { /* additional packet metadata not available in pcap_pkthdr */
148 u_int32_t hash;
149 u_int16_t device_id;
150 u_int8_t port_id;
151 u_int8_t reserved;
152} pfring_ft_ext_pkthdr;
153
154typedef struct {
155 pfring_ft_pcap_pkthdr *hdr;
156 pfring_ft_ext_pkthdr *ext_hdr;
157 pfring_ft_direction direction;
158 pfring_ft_action action;
159 u_int16_t vlan_id;
160 u_int8_t ip_version;
161 u_int8_t l4_proto;
162 u_int16_t payload_len;
163 u_int16_t reserved; /* padding */
164 union {
165 pfring_ft_iphdr *ip4;
166 pfring_ft_ipv6hdr *ip6;
167 } l3;
168 union {
169 pfring_ft_tcphdr *tcp;
170 pfring_ft_udphdr *udp;
171 } l4;
172 const u_char *payload;
173} pfring_ft_packet_metadata;
174
175/*** flow metadata structs ***/
176
177typedef union {
178 pfring_ft_in4_addr v4;
179 pfring_ft_in6_addr v6;
180} pfring_ft_ip_address;
181
182typedef struct {
183 u_int16_t master_protocol;
184 u_int16_t app_protocol;
185 int category;
186} pfring_ft_ndpi_protocol;
187
188typedef struct {
189 u_int8_t smac[6];
190 u_int8_t dmac[6];
191 pfring_ft_ip_address saddr;
192 pfring_ft_ip_address daddr;
193 u_int8_t ip_version;
194 u_int8_t protocol;
195 u_int16_t sport;
196 u_int16_t dport;
197 u_int16_t vlan_id;
198} pfring_ft_flow_key;
199
200typedef struct {
201 u_int64_t pkts;
202 u_int64_t bytes;
203 struct timeval first;
204 struct timeval last;
205 u_int8_t tcp_flags;
206 u_int8_t port_id;
207 u_int16_t device_id;
208} pfring_ft_flow_dir_value;
209
210typedef struct {
211 pfring_ft_flow_dir_value direction[PF_RING_FT_FLOW_NUM_DIRECTIONS];
213 pfring_ft_ndpi_protocol l7_protocol;
214 u_int32_t tunnel_type;
215 u_int32_t tunnel_id;
217 union {
218 struct {
219 char *query;
220 u_int16_t queryType;
221 u_int16_t replyCode;
222 } dns;
223
224 struct {
225 char *serverName;
226 u_int8_t *sha1_certificate_fingerprint;
227 } tls;
228
229 struct {
230 char *serverName;
231 char *url;
232 u_int16_t responseCode;
233 } http;
234
235 struct {
236 u_int8_t type;
237 u_int8_t code;
238 } icmp;
239 } l7_metadata;
240
241 pfring_ft_flow_status status;
242 u_int32_t flags;
244 u_char *user;
248} pfring_ft_flow_value;
249
250/*** stats struct ***/
251
252typedef struct {
253 u_int64_t active_flows;
254 u_int64_t flows;
255 u_int64_t err_no_room;
256 u_int64_t err_no_mem;
257 u_int64_t disc_no_ip;
258 u_int64_t max_lookup_depth;
259 u_int64_t packets;
260 u_int64_t bytes;
261} pfring_ft_stats;
262
263typedef struct {
264 u_int32_t num_buffered_records;
265 u_int32_t exported_flows;
266 u_int32_t dropped_flows;
267} pfring_ft_export_stats;
268
269/*** Callbacks prototypes ***/
270
271typedef void
272(*pfring_ft_export_list_func) (
273 pfring_ft_list *flows_list,
274 void *user
275);
276
277typedef void
278(*pfring_ft_export_flow_func) (
279 pfring_ft_flow *flow,
280 void *user
281);
282
283typedef void
284(*pfring_ft_flow_packet_func) (
285 const u_char *data,
286 pfring_ft_packet_metadata *metadata,
287 pfring_ft_flow *flow,
288 void *user
289);
290
291#define PFRING_FT_TABLE_FLAGS_DPI (1 << 0)
292#define PFRING_FT_TABLE_FLAGS_DPI_EXTRA (1 << 1)
293#define PFRING_FT_DECODE_TUNNELS (1 << 2)
294#define PFRING_FT_IGNORE_HW_HASH (1 << 3)
295#define PFRING_FT_IGNORE_VLAN (1 << 4)
296#define PFRING_FT_TABLE_FLAGS_NO_GUESS (1 << 5)
307pfring_ft_table *
308pfring_ft_create_table(
309 u_int32_t flags,
310 u_int32_t max_flows,
311 u_int32_t flow_idle_timeout,
312 u_int32_t flow_lifetime_timeout,
313 u_int32_t user_metadata_size
314);
315
320void
321pfring_ft_destroy_table(
322 pfring_ft_table *table
323);
324
331void
332pfring_ft_flow_set_flow_slicing(
333 pfring_ft_table *table,
334 u_int32_t flow_slice_timeout
335);
336
343void
344pfring_ft_set_new_flow_callback(
345 pfring_ft_table *table,
346 pfring_ft_export_flow_func callback,
347 void *user
348);
349
356void
357pfring_ft_set_flow_packet_callback(
358 pfring_ft_table *table,
359 pfring_ft_flow_packet_func callback,
360 void *user
361);
362
369void
370pfring_ft_set_l7_detected_callback(
371 pfring_ft_table *table,
372 pfring_ft_flow_packet_func callback,
373 void *user
374);
375
383void
384pfring_ft_set_flow_export_callback(
385 pfring_ft_table *table,
386 pfring_ft_export_flow_func callback,
387 void *user
388);
389
399void
400pfring_ft_set_flow_list_export_callback(
401 pfring_ft_table *table,
402 pfring_ft_export_list_func callback,
403 void *user
404);
405
415pfring_ft_action
416pfring_ft_process(
417 pfring_ft_table *table,
418 const u_char *packet,
419 const pfring_ft_pcap_pkthdr *header,
420 const pfring_ft_ext_pkthdr *ext_header
421);
422
430int
431pfring_ft_housekeeping(
432 pfring_ft_table *table,
433 u_int32_t epoch
434);
435
440void
441pfring_ft_flush(
442 pfring_ft_table *table
443);
444
450pfring_ft_flow *
451pfring_ft_list_get_next(
452 pfring_ft_list *list
453);
454
460u_int64_t
461pfring_ft_flow_get_id(
462 pfring_ft_flow *flow
463);
464
470pfring_ft_flow_key *
471pfring_ft_flow_get_key(
472 pfring_ft_flow *flow
473);
474
480pfring_ft_flow_value *
481pfring_ft_flow_get_value(
482 pfring_ft_flow *flow
483);
484
490struct ndpi_flow_struct *
491pfring_ft_flow_get_ndpi_handle(
492 pfring_ft_flow *flow
493);
494
500void
501pfring_ft_flow_set_action(
502 pfring_ft_flow *flow,
503 pfring_ft_action action
504);
505
511pfring_ft_action
512pfring_ft_flow_get_action(
513 pfring_ft_flow *flow
514);
515
522int
523pfring_ft_flow_get_users(
524 pfring_ft_flow *flow
525);
526
531void
532pfring_ft_flow_free(
533 pfring_ft_flow *flow
534);
535
545void
546pfring_ft_zmq_export_configure(
547 pfring_ft_table *table,
548 const char *endpoint,
549 const char *server_public_key,
550 u_int8_t probe_mode,
551 u_int8_t disable_compression,
552 u_int8_t use_json
553);
554
564void
565pfring_ft_zmq_export_flow(
566 pfring_ft_flow *flow,
567 void *user
568);
569
578void
579pfring_ft_zmq_export_stats(
580 pfring_ft_table *table,
581 const char *if_name,
582 u_int16_t if_speed,
583 const char *if_ip,
584 const char *management_ip
585);
586
592void
593pfring_ft_zmq_get_stats(
594 pfring_ft_table *table,
595 pfring_ft_export_stats *stats
596);
597
606void
607pfring_ft_set_default_action(
608 pfring_ft_table *table,
609 pfring_ft_action action
610);
611
619int
620pfring_ft_load_configuration(
621 pfring_ft_table *table,
622 const char *path
623);
624
634int
635pfring_ft_load_configuration_ext(
636 pfring_ft_table *table,
637 const char *path,
638 pfring_ft_flow_filter *filter
639);
640
647void
648pfring_ft_set_shunt_protocol_by_name(
649 pfring_ft_table *table,
650 const char *protocol_name,
651 u_int8_t packets
652);
653
660void
661pfring_ft_set_filter_all_protocols(
662 pfring_ft_table *table,
663 pfring_ft_action action
664);
665
672void
673pfring_ft_set_filter_protocol_by_name(
674 pfring_ft_table *table,
675 const char *protocol_name,
676 pfring_ft_action action
677);
678
687char *
688pfring_ft_l7_protocol_name(
689 pfring_ft_table *table,
690 pfring_ft_ndpi_protocol *protocol,
691 char *buffer,
692 int buffer_len
693);
694
701u_int16_t
702pfring_ft_l7_protocol_id(
703 pfring_ft_table *table,
704 const char *name
705);
706
715int
716pfring_ft_set_ndpi_handle(
717 pfring_ft_table *table,
718 struct ndpi_detection_module_struct *ndpi
719);
720
726struct ndpi_detection_module_struct *
727pfring_ft_get_ndpi_handle(
728 pfring_ft_table *table
729);
730
739int
740pfring_ft_load_ndpi_protocols(
741 pfring_ft_table *table,
742 const char *path
743);
744
753int
754pfring_ft_load_ndpi_categories(
755 pfring_ft_table *table,
756 const char *path
757);
758
763int
764pfring_ft_is_ndpi_available();
765
771pfring_ft_stats *
772pfring_ft_get_stats(
773 pfring_ft_table *table
774);
775
780void
781pfring_ft_version(
782 char *version
783);
784
789u_int32_t
790pfring_ft_api_version(
791);
792
800int
801pfring_ft_license(
802 char *system_id,
803 time_t *license_expiration,
804 time_t *maintenance_expiration
805);
806
812int
813pfring_ft_set_license(
814 const char *license_key
815);
816
820void
821pfring_ft_debug(
822 void
823);
824
825#ifdef __cplusplus
826}
827#endif
828
829#endif /* _PFRING_FT_H_ */
830
pfring_ft_set_license
int pfring_ft_set_license(const char *license_key)
pfring_ft_flow_get_users
int pfring_ft_flow_get_users(pfring_ft_flow *flow)
pfring_ft_set_default_action
void pfring_ft_set_default_action(pfring_ft_table *table, pfring_ft_action action)
pfring_ft_get_ndpi_handle
struct ndpi_detection_module_struct * pfring_ft_get_ndpi_handle(pfring_ft_table *table)
pfring_ft_load_ndpi_categories
int pfring_ft_load_ndpi_categories(pfring_ft_table *table, const char *path)
pfring_ft_l7_protocol_id
u_int16_t pfring_ft_l7_protocol_id(pfring_ft_table *table, const char *name)
pfring_ft_flow_get_ndpi_handle
struct ndpi_flow_struct * pfring_ft_flow_get_ndpi_handle(pfring_ft_flow *flow)
pfring_ft_flow_get_key
pfring_ft_flow_key * pfring_ft_flow_get_key(pfring_ft_flow *flow)
pfring_ft_set_filter_protocol_by_name
void pfring_ft_set_filter_protocol_by_name(pfring_ft_table *table, const char *protocol_name, pfring_ft_action action)
pfring_ft_load_configuration_ext
int pfring_ft_load_configuration_ext(pfring_ft_table *table, const char *path, pfring_ft_flow_filter *filter)
pfring_ft_load_configuration
int pfring_ft_load_configuration(pfring_ft_table *table, const char *path)
pfring_ft_l7_protocol_name
char * pfring_ft_l7_protocol_name(pfring_ft_table *table, pfring_ft_ndpi_protocol *protocol, char *buffer, int buffer_len)
pfring_ft_direction
pfring_ft_direction
Definition pfring_ft.h:47
d2s_direction
@ d2s_direction
Definition pfring_ft.h:49
s2d_direction
@ s2d_direction
Definition pfring_ft.h:48
pfring_ft_set_ndpi_handle
int pfring_ft_set_ndpi_handle(pfring_ft_table *table, struct ndpi_detection_module_struct *ndpi)
pfring_ft_zmq_export_stats
void pfring_ft_zmq_export_stats(pfring_ft_table *table, const char *if_name, u_int16_t if_speed, const char *if_ip, const char *management_ip)
pfring_ft_flow_free
void pfring_ft_flow_free(pfring_ft_flow *flow)
pfring_ft_flow_get_value
pfring_ft_flow_value * pfring_ft_flow_get_value(pfring_ft_flow *flow)
pfring_ft_get_stats
pfring_ft_stats * pfring_ft_get_stats(pfring_ft_table *table)
pfring_ft_destroy_table
void pfring_ft_destroy_table(pfring_ft_table *table)
pfring_ft_version
void pfring_ft_version(char *version)
pfring_ft_process
pfring_ft_action pfring_ft_process(pfring_ft_table *table, const u_char *packet, const pfring_ft_pcap_pkthdr *header, const pfring_ft_ext_pkthdr *ext_header)
pfring_ft_set_l7_detected_callback
void pfring_ft_set_l7_detected_callback(pfring_ft_table *table, pfring_ft_flow_packet_func callback, void *user)
pfring_ft_flow_set_flow_slicing
void pfring_ft_flow_set_flow_slicing(pfring_ft_table *table, u_int32_t flow_slice_timeout)
pfring_ft_set_flow_packet_callback
void pfring_ft_set_flow_packet_callback(pfring_ft_table *table, pfring_ft_flow_packet_func callback, void *user)
pfring_ft_flow_get_action
pfring_ft_action pfring_ft_flow_get_action(pfring_ft_flow *flow)
pfring_ft_set_shunt_protocol_by_name
void pfring_ft_set_shunt_protocol_by_name(pfring_ft_table *table, const char *protocol_name, u_int8_t packets)
pfring_ft_debug
void pfring_ft_debug(void)
pfring_ft_zmq_export_flow
void pfring_ft_zmq_export_flow(pfring_ft_flow *flow, void *user)
pfring_ft_create_table
pfring_ft_table * pfring_ft_create_table(u_int32_t flags, u_int32_t max_flows, u_int32_t flow_idle_timeout, u_int32_t flow_lifetime_timeout, u_int32_t user_metadata_size)
pfring_ft_list_get_next
pfring_ft_flow * pfring_ft_list_get_next(pfring_ft_list *list)
pfring_ft_license
int pfring_ft_license(char *system_id, time_t *license_expiration, time_t *maintenance_expiration)
pfring_ft_flow_get_id
u_int64_t pfring_ft_flow_get_id(pfring_ft_flow *flow)
pfring_ft_flow_set_action
void pfring_ft_flow_set_action(pfring_ft_flow *flow, pfring_ft_action action)
pfring_ft_set_flow_export_callback
void pfring_ft_set_flow_export_callback(pfring_ft_table *table, pfring_ft_export_flow_func callback, void *user)
pfring_ft_flow_status
pfring_ft_flow_status
Definition pfring_ft.h:53
PFRING_FT_FLOW_STATUS_SLICE_TIMEOUT
@ PFRING_FT_FLOW_STATUS_SLICE_TIMEOUT
Definition pfring_ft.h:59
PFRING_FT_FLOW_STATUS_OVERFLOW
@ PFRING_FT_FLOW_STATUS_OVERFLOW
Definition pfring_ft.h:60
PFRING_FT_FLOW_STATUS_END_DETECTED
@ PFRING_FT_FLOW_STATUS_END_DETECTED
Definition pfring_ft.h:57
PFRING_FT_FLOW_STATUS_ACTIVE
@ PFRING_FT_FLOW_STATUS_ACTIVE
Definition pfring_ft.h:54
PFRING_FT_FLOW_STATUS_ACTIVE_TIMEOUT
@ PFRING_FT_FLOW_STATUS_ACTIVE_TIMEOUT
Definition pfring_ft.h:56
PFRING_FT_FLOW_STATUS_FORCED_END
@ PFRING_FT_FLOW_STATUS_FORCED_END
Definition pfring_ft.h:58
PFRING_FT_FLOW_STATUS_IDLE_TIMEOUT
@ PFRING_FT_FLOW_STATUS_IDLE_TIMEOUT
Definition pfring_ft.h:55
pfring_ft_is_ndpi_available
int pfring_ft_is_ndpi_available()
pfring_ft_flush
void pfring_ft_flush(pfring_ft_table *table)
pfring_ft_api_version
u_int32_t pfring_ft_api_version()
pfring_ft_zmq_get_stats
void pfring_ft_zmq_get_stats(pfring_ft_table *table, pfring_ft_export_stats *stats)
pfring_ft_zmq_export_configure
void pfring_ft_zmq_export_configure(pfring_ft_table *table, const char *endpoint, const char *server_public_key, u_int8_t probe_mode, u_int8_t disable_compression, u_int8_t use_json)
pfring_ft_load_ndpi_protocols
int pfring_ft_load_ndpi_protocols(pfring_ft_table *table, const char *path)
pfring_ft_set_flow_list_export_callback
void pfring_ft_set_flow_list_export_callback(pfring_ft_table *table, pfring_ft_export_list_func callback, void *user)
pfring_ft_set_new_flow_callback
void pfring_ft_set_new_flow_callback(pfring_ft_table *table, pfring_ft_export_flow_func callback, void *user)
pfring_ft_housekeeping
int pfring_ft_housekeeping(pfring_ft_table *table, u_int32_t epoch)
pfring_ft_set_filter_all_protocols
void pfring_ft_set_filter_all_protocols(pfring_ft_table *table, pfring_ft_action action)
__attribute__
Definition pf_ring.h:316
pfring_ft_export_stats
Definition pfring_ft.h:263
pfring_ft_ext_pkthdr
Definition pfring_ft.h:147
pfring_ft_ext_pkthdr::hash
u_int32_t hash
Definition pfring_ft.h:148
pfring_ft_ext_pkthdr::device_id
u_int16_t device_id
Definition pfring_ft.h:149
pfring_ft_ext_pkthdr::port_id
u_int8_t port_id
Definition pfring_ft.h:150
pfring_ft_ext_pkthdr::reserved
u_int8_t reserved
Definition pfring_ft.h:151
pfring_ft_flow_dir_value
Definition pfring_ft.h:200
pfring_ft_flow_dir_value::bytes
u_int64_t bytes
Definition pfring_ft.h:202
pfring_ft_flow_dir_value::device_id
u_int16_t device_id
Definition pfring_ft.h:207
pfring_ft_flow_dir_value::tcp_flags
u_int8_t tcp_flags
Definition pfring_ft.h:205
pfring_ft_flow_dir_value::port_id
u_int8_t port_id
Definition pfring_ft.h:206
pfring_ft_flow_dir_value::pkts
u_int64_t pkts
Definition pfring_ft.h:201
pfring_ft_flow_filter
Definition pfring_ft.h:65
pfring_ft_flow_filter::udp_npkts
u_int8_t udp_npkts
Definition pfring_ft.h:77
pfring_ft_flow_filter::protocol_to_npkts
u_int8_t * protocol_to_npkts
Definition pfring_ft.h:78
pfring_ft_flow_filter::num_protocols
u_int32_t num_protocols
Definition pfring_ft.h:66
pfring_ft_flow_filter::protocol_to_action
pfring_ft_action * protocol_to_action
Definition pfring_ft.h:70
pfring_ft_flow_filter::default_npkts
u_int8_t default_npkts
Definition pfring_ft.h:75
pfring_ft_flow_filter::tcp_npkts
u_int8_t tcp_npkts
Definition pfring_ft.h:76
pfring_ft_flow_key
Definition pfring_ft.h:188
pfring_ft_flow_key::vlan_id
u_int16_t vlan_id
Definition pfring_ft.h:197
pfring_ft_flow_key::saddr
pfring_ft_ip_address saddr
Definition pfring_ft.h:191
pfring_ft_flow_key::daddr
pfring_ft_ip_address daddr
Definition pfring_ft.h:192
pfring_ft_flow_key::sport
u_int16_t sport
Definition pfring_ft.h:195
pfring_ft_flow_key::ip_version
u_int8_t ip_version
Definition pfring_ft.h:193
pfring_ft_flow_key::dport
u_int16_t dport
Definition pfring_ft.h:196
pfring_ft_flow_key::protocol
u_int8_t protocol
Definition pfring_ft.h:194
pfring_ft_flow_value
Definition pfring_ft.h:210
pfring_ft_flow_value::type
u_int8_t type
Definition pfring_ft.h:236
pfring_ft_flow_value::url
char * url
Definition pfring_ft.h:231
pfring_ft_flow_value::tunnel_id
u_int32_t tunnel_id
Definition pfring_ft.h:215
pfring_ft_flow_value::replyCode
u_int16_t replyCode
Definition pfring_ft.h:221
pfring_ft_flow_value::queryType
u_int16_t queryType
Definition pfring_ft.h:220
pfring_ft_flow_value::flags
u_int32_t flags
Definition pfring_ft.h:242
pfring_ft_flow_value::serverName
char * serverName
Definition pfring_ft.h:225
pfring_ft_flow_value::tunnel_type
u_int32_t tunnel_type
Definition pfring_ft.h:214
pfring_ft_flow_value::responseCode
u_int16_t responseCode
Definition pfring_ft.h:232
pfring_ft_flow_value::sha1_certificate_fingerprint
u_int8_t * sha1_certificate_fingerprint
Definition pfring_ft.h:226
pfring_ft_flow_value::l7_protocol
pfring_ft_ndpi_protocol l7_protocol
Definition pfring_ft.h:213
pfring_ft_flow_value::code
u_int8_t code
Definition pfring_ft.h:237
pfring_ft_flow_value::user
u_char * user
Definition pfring_ft.h:244
pfring_ft_flow_value::query
char * query
Definition pfring_ft.h:219
pfring_ft_ndpi_protocol
Definition pfring_ft.h:182
pfring_ft_ndpi_protocol::master_protocol
u_int16_t master_protocol
Definition pfring_ft.h:183
pfring_ft_ndpi_protocol::app_protocol
u_int16_t app_protocol
Definition pfring_ft.h:184
pfring_ft_packet_metadata
Definition pfring_ft.h:154
pfring_ft_pcap_pkthdr
Definition pfring_ft.h:141
pfring_ft_pcap_pkthdr::caplen
u_int32_t caplen
Definition pfring_ft.h:143
pfring_ft_pcap_pkthdr::len
u_int32_t len
Definition pfring_ft.h:144
pfring_ft_stats
Definition pfring_ft.h:252
pfring_ft_stats::bytes
u_int64_t bytes
Definition pfring_ft.h:260
pfring_ft_stats::flows
u_int64_t flows
Definition pfring_ft.h:254
pfring_ft_stats::err_no_room
u_int64_t err_no_room
Definition pfring_ft.h:255
pfring_ft_stats::active_flows
u_int64_t active_flows
Definition pfring_ft.h:253
pfring_ft_stats::disc_no_ip
u_int64_t disc_no_ip
Definition pfring_ft.h:257
pfring_ft_stats::max_lookup_depth
u_int64_t max_lookup_depth
Definition pfring_ft.h:258
pfring_ft_stats::packets
u_int64_t packets
Definition pfring_ft.h:259
pfring_ft_stats::err_no_mem
u_int64_t err_no_mem
Definition pfring_ft.h:256
pfring_ft_ip_address
Definition pfring_ft.h:177